Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
First Claim
1. A method for enabling secure authentication of a user in a computerized card access transaction while performing said transaction via a computer or other device, said transaction typically associated with at least one activity performed by a user in transacting with a vendor, said vendor being a person, an entity, a computer or a machine and wherein said at least one activity is performed by the user from among a group of activities relating to acquiring of goods or services, and/or access to a computer, a network and/or virtual and physical sites, said method comprising:
- providing the user with a physical card by a card issuer associated with said vendor, said card being embodied in a portable, digitally recordable medium having stored thereon a user program that does not require storage of any passwords, programs, secret keys or any component of said user program on a computer thereby preventing the possibility of such passwords or other sensitive information becoming disclosed either to an unauthorized person who may gain physical access to the user'"'"'s computer or by any form of online intrusion and to enable complete portability of the method so that it is not restricted to a specific programmed computer, but is usable in conjunction with any computer equipped with a compatible operating system;
allocating to said physical card a unique identification number (ID), a password, and where applicable, an account number;
recording in a database associated with the card issuer for each card so provided, details of said ID and said password together with details of the user to whom the card has been provided;
initiating the card transaction in one of outline and online modes, by inserting said card into the appropriate drive of the user'"'"'s computer or by connecting said card to said computer in any other manner while the computer is offline;
activating said card causing it to display a login window on the computer screen;
entering the appropriate password in said login window which appears on the user'"'"'s screen, so as to activate said program on said card causing a further login window to appear;
entering required information in said login window;
generating a unique one-time Cybercoupon comprising a message containing the user'"'"'s ID and other relevant information,wherein during said offline mode, said card transaction is initiated by;
communicating said Cybercoupon as part of said card transaction, to the vendor in any manner not involving online communications,and wherein during said online mode, said card transaction is initiated by;
disconnecting said card from the computer;
connecting the computer online;
communicating said Cybercoupon as part of said card transaction, to the vendor via online communications;
receiving said Cybercoupon at the vendor,processing, by the vendor of said request for authorization in accordance with its standard criteria;
authorizing the card transaction, if said Cybercoupon is determined to be valid and if standard criteria are met;
or otherwise rejecting the card transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and a system for enabling secure authentication of a user in a computerized card access transaction. A card, identified by an identification number is issued to the user, containing software for generating a surrogate number referred to as a Cybercoupon for use in place of the regular card number. Online intrusion is avoided and the system is rendered portable for use on any computer equipped with a compatible operating system, by avoiding storage of any part of the system on the user'"'"'s computer, placing the entire system instead on the card itself. The card contains advertising which appears on the user'"'"'s computer screen. The card is protected by a password. If an incorrect password is entered more than a preset number of times, an “alert” Cybercoupon is generated containing a code advising the card issuer that an irregular attempt has been made to access the card.
-
Citations
20 Claims
-
1. A method for enabling secure authentication of a user in a computerized card access transaction while performing said transaction via a computer or other device, said transaction typically associated with at least one activity performed by a user in transacting with a vendor, said vendor being a person, an entity, a computer or a machine and wherein said at least one activity is performed by the user from among a group of activities relating to acquiring of goods or services, and/or access to a computer, a network and/or virtual and physical sites, said method comprising:
-
providing the user with a physical card by a card issuer associated with said vendor, said card being embodied in a portable, digitally recordable medium having stored thereon a user program that does not require storage of any passwords, programs, secret keys or any component of said user program on a computer thereby preventing the possibility of such passwords or other sensitive information becoming disclosed either to an unauthorized person who may gain physical access to the user'"'"'s computer or by any form of online intrusion and to enable complete portability of the method so that it is not restricted to a specific programmed computer, but is usable in conjunction with any computer equipped with a compatible operating system; allocating to said physical card a unique identification number (ID), a password, and where applicable, an account number; recording in a database associated with the card issuer for each card so provided, details of said ID and said password together with details of the user to whom the card has been provided; initiating the card transaction in one of outline and online modes, by inserting said card into the appropriate drive of the user'"'"'s computer or by connecting said card to said computer in any other manner while the computer is offline; activating said card causing it to display a login window on the computer screen; entering the appropriate password in said login window which appears on the user'"'"'s screen, so as to activate said program on said card causing a further login window to appear; entering required information in said login window; generating a unique one-time Cybercoupon comprising a message containing the user'"'"'s ID and other relevant information, wherein during said offline mode, said card transaction is initiated by; communicating said Cybercoupon as part of said card transaction, to the vendor in any manner not involving online communications, and wherein during said online mode, said card transaction is initiated by; disconnecting said card from the computer; connecting the computer online; communicating said Cybercoupon as part of said card transaction, to the vendor via online communications; receiving said Cybercoupon at the vendor, processing, by the vendor of said request for authorization in accordance with its standard criteria; authorizing the card transaction, if said Cybercoupon is determined to be valid and if standard criteria are met; or otherwise rejecting the card transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for enabling secure authentication of a user in a computerized card access transaction while performing said transaction via a computer or other device, said transaction typically associated with at least one activity performed by a user in transacting with a vendor, said vendor being a person, an entity, a computer or a machine and wherein said at least one activity is performed by the user from among a group of activities relating to acquiring of goods or services, and/or access to a computer, a network and/or virtual and physical sites, said system comprising:
-
a physical card provided by a card issuer, said card being embodied in a portable, digitally recordable medium having stored thereon a user program that does not require storage of any passwords, programs, secret keys or any component of said user program on a computer thereby preventing the possibility of such passwords or other sensitive information becoming disclosed either to an unauthorized person who may gain physical access to the user'"'"'s computer or by any form of online intrusion and to enable complete portability of the method so that it is not restricted to a specific programmed computer, but is usable in conjunction with any computer equipped with a compatible operating system, said physical card having allocated thereto at least a unique identification number (ID) and a password, and where applicable, an account number; and a database associated with the card issuer for each card having recorded therein, details of said ID, said password and where applicable, said account number, together with details of the user to whom the card has been provided; wherein said card is used to perform a card transaction initiated by; inserting said card into the appropriate drive of the user'"'"'s computer or otherwise connecting said card to said computer while the computer is offline; activating the said card causing it to display a login window on the computer screen; entering the appropriate password in said login window which appears on the user'"'"'s screen, so as to activate said program on said card causing a further login window to appear; entering required information in said login window; generating a unique one-time Cybercoupon comprising an encrypted message containing the user'"'"'s ID and other relevant information, and wherein during said of f line mode, said card transaction is initiated by; communicating said Cybercoupon as part of said transaction, to the vendor in any manner not involving online communications, and wherein during said online mode, said card transaction is initiated by; disconnecting, automatically, said card from the computer; connecting the computer online; communicating said Cybercoupon as part of said card transaction, to the vendor via online communications; receiving said Cybercoupon at the vendor, and processing said card transaction by the vendor; transmitting by the vendor to the card issuer via a communication network, a request for authorization of the card transaction, if the vendor requires authorization by the card issuer before said vendor is entitled to give effect to said transaction; receiving said request for authorization at the card issuer; processing, by the card issuer of said request for authorization in accordance with its standard criteria; authorizing the card transaction, if said Cybercoupon is determined to be valid and if the card issuer'"'"'s standard criteria are met; or otherwise rejecting the card transaction.
-
Specification